<?php
//=========================
//Vuong Van Binh
//Wanbin@vietnambiz.com
//=========================

//ACTION ADD MEMBER
function add_member(){

  global $CONFIG,$db;
  
  if($_POST["addnewmem"]){
      
	  $data = array();
	  $data1 = array();
	  
	  $data["fullname"] 	= strip_tags($_POST["fullname"]);
	  $data["company"] 		= strip_tags($_POST["company"]);
	  $data["username"] 	= strip_tags($_POST["username"]);
	  $data["password"] 	= md5($_POST["password"]);
	  $data["email"] 		= strip_tags($_POST["email"]);
	  $data["type"] 		= "company";
	  $data["reg_date"] 	= date('Y-m-d h:i:s',time());
	  
	  $repassword 	= strip_tags($_POST["repassword"]);
	  
	  if($data["type"]=="personal"&&empty($data["fullname"])){
	     
		 $CONFIG["error_message"] = "<li>Bạn chưa nhập tên đầy đủ.</li>";
	   
	  }
	  
	  if($data["type"]=="company"&&empty($data["company"])){
	     
		 $CONFIG["error_message"] .= "<li>Bạn chưa nhập công ty.</li>";
	   
	  }
	  
	  if(empty($_POST["password"])||$_POST["password"]!=$repassword){
	  
	     $CONFIG["error_message"] .= "<li>Password không đúng.</li>";
	  }
	  
	  if(!valid_email($data["email"])){
	   
	     $CONFIG["error_message"] .= "<li>Email không đúng.</li>";
	   
	  }
	  
	  if(get_member_id($data["username"])>0||empty($data["username"])){
	  	
		$CONFIG["error_message"] .= "<li>Tên đăng nhập không đúng.</li>";
		
	  }
	  	  
	  if(empty($CONFIG["error_message"])){

		  $insert = $db->exec_insert("members",$data); 
		  
	      if(mysql_affected_rows()>0){
		  	
			  if($_POST["exit"]&&$data["type"]=="company"){
			  	server_redirect(ADMIN_URL."/index.php?module=member&option=company");
			  }else if($_POST["exit"]){
			  	server_redirect(ADMIN_URL."/index.php?module=member");
			  }	
				
			  $CONFIG["success_message"] .= "<li>Thêm mới thành viên thành công.</li>";
			  
			  $data1["mem_id"] 	 = mysql_insert_id();
			  $insert = $db->exec_insert("members_info",$data1); 
			  
			  unset($_POST);

		  }
	  }

	
  }

}

//GET INFO MEMBER TO EDIT
function get_member_edit(){

  global $db;
  
  $edit_id = intval($_GET["id"]);

  $mem_edit = $db->query_first("SELECT members.*,members_info.* FROM members,members_info WHERE members_info.mem_id = members.mem_id AND members.mem_id =".$edit_id);
  
  if($edit_id==1||$edit_id<1||!$mem_edit){
  
  	server_redirect(ADMIN_URL);
	
  }
  
  return $mem_edit;
  
}
//GET INFO ID MEMBER THROUGH USERNAME
function get_member_id($username){

  global $db;

  $mem_rs = $db->query_first("SELECT mem_id FROM members WHERE username = '".mysql_real_escape_string($username)."' ");
  
  if($mem_rs['mem_id']<1){
  
  	return 0;
	
  }
  
  return $mem_rs['mem_id'];
  
}
//ACTION EDIT MEMBER
function edit_member(){

  global $CONFIG,$db;
  
  if($_POST["editmem"]){
      
	  $edit_id				= intval($_POST["edit_id"]);
	  
	  $data = array();
	  
	  $data["fullname"] 	= strip_tags($_POST["fullname"]);
	  $data["company"] 		= strip_tags($_POST["company"]);
	  $data["username"] 	= strip_tags($_POST["username"]);
	  
	  
	  $repassword 	= strip_tags($_POST["repassword"]);
	  
	  
	  
	  if(!empty($_POST["password"])&&$_POST["password"]!=$repassword){
	  
	     $CONFIG["error_message"] .= "<li>Password không đúng.</li>";
	  }
	    
	  if(empty($CONFIG["error_message"])){
	      
		  if(empty($_POST["password"])){
		  
			  	$db->exec_update('members',$data,'`mem_id`='.$edit_id);
				
		  }else{
		        
				$data["password"] 	= md5($_POST["password"]);
				
		  		$db->exec_update('members',$data,'`mem_id`='.$edit_id);
		  
		  }
		  
		  if(mysql_affected_rows()>0){
		  
		  	  if($_POST["exit"]&&$data["type"]=="company"){
			  	server_redirect(ADMIN_URL."/index.php?module=member");
			  }else if($_POST["exit"]){
			  	server_redirect(ADMIN_URL."/index.php?module=member");
			  }		
		  
		  		$CONFIG["success_message"] .= "<li>Cập nhật thành viên thành công.</li>";

		  }
		 
	  }

	
  }

}
function active()
{
	global $db;
	
	if(intval($_GET["active"])>0){
		
		$db->exec_update('members',array("status"=>"yes"),'`mem_id`='.intval($_GET["active"]));
		
	}
	
	if(intval($_GET["unactive"])>0&&$_GET["active"]!=1){
	
		$db->exec_update('members',array("status"=>"no"),'`mem_id`='.intval($_GET["unactive"]));
	}
}
function verified()
{
	global $db;
	
	if(intval($_GET["verified"])>0){
		
		$db->exec_update('members',array("verified"=>"yes"),'`mem_id`='.intval($_GET["verified"]));
		
	}
	
	if(intval($_GET["noverified"])>0){
	
		$db->exec_update('members',array("verified"=>"no"),'`mem_id`='.intval($_GET["noverified"]));
	}
}

//GET ALL INFO MEMBER
function get_all_member_page($type)
{

	global $db,$CONFIG;
    
	//Select member in 30 day arround
	$date_today = date('Y-m-d',time());
	$date_cond 	= date_process($date_today,'-',30,'Y-m-d');
	
	//$cond_reg	= " AND reg_date > '".$date_cond."'";
	//========================================================
	$cond_reg = "";
        $cond='';
	if($_GET["search"]){
		
		$cond_reg = "";
		
		switch($_GET["mode"]){
				
				case "username":{	$cond=" AND username LIKE ".$db->quote('%'.$_GET['keyword'].'%');
				
									break;
				}case"fullname":{	$cond=" AND fullname LIKE ".$db->quote('%'.$_GET['keyword'].'%');
				
									break;			
				
				}case"email":{		$cond=" AND email LIKE ".$db->quote('%'.$_GET['keyword'].'%');
									
									break;
				}
				
		}

	}

	if($_GET["filter-verified"]){$cond .=" AND verified = '".mysql_real_escape_string($_GET["filter-verified"])."'"; $cond_reg = "";}
	
	if($_GET["filter-status"]){$cond .=" AND status = '".mysql_real_escape_string($_GET["filter-status"])."'";$cond_reg="";}
    		
	$sel_all=$db->query_first("SELECT COUNT(mem_id) m FROM members WHERE mem_id<>1 ".$cond.$cond_reg);
	
	$page=intval($_GET["page"]) ? intval($_GET["page"]) :1;
	$page=intval($page);
	if ($page<0){ $page=1; }
	$number=$sel_all['m']; 
	$limit = $CONFIG['rows_per_page_member'];
	$total=ceil($number/$limit); 
	$start = (($page*$limit)-$limit);
	
	$member = $db->query("SELECT * FROM members WHERE mem_id<>1 ".$cond.$cond_reg." ORDER BY mem_id DESC LIMIT ".$start.",".$limit);
	
	return array("member"=>$member,"page"=>$page,"total"=>$total);

}
//ACTION SEND MESSAGE
function send_message(){

  global $CONFIG,$db;
  
  if($_POST["send"]){
      
	  $arr_to_id = array();
	  
	  $title 		= strip_tags($_POST["title"]);
	  $content 		= strip_tags($_POST["content"],"<br>");

	  if(!empty($_POST['username'])>0){
	  
			$username_arr	= explode(',',strip_tags($_POST['username']));
			
			for($i=0;$i<count($username_arr);$i++){
				
				$to_id = get_member_id($username_arr[$i]);
				
				if($to_id>0){
					$arr_to_id[$i] = $to_id;
				}else{
					$CONFIG["error_message"] = "<li>Username không đúng!</li>";
				}
			
			}
	  	
	  
	  }else{
	  	$CONFIG["error_message"] .= "<li>Username không đúng.</li>";
	  }
  
	  if(empty($title)){
	   
	     $CONFIG["error_message"] = "<li>Bạn chưa nhập chủ đề.</li>";
	   
	  }
	  
	  if(empty($content)){
	  
	     $CONFIG["error_message"] .= "<li>Bạn chưa nhập nội dung.</li>";
	  }
	  
	  if(empty($CONFIG["error_message"])){

		  $data = array();
		  
		  $data["from_id"] 		= 1;
		  $data["title"] 		= $title;
	  	  $data["content"] 		= $content;
		  $data["senddate"] 	= date('Y-m-d h:i:s',time());

		  
		  
		  for($i=0;$i<count($arr_to_id);$i++){
		  
		  	$data["to_id"] 		=  $arr_to_id[$i];
			
		  	$insert = $db->exec_insert("member_message",$data); 
		  }

		  
	      if(mysql_affected_rows()>0){
		  		
			  $CONFIG["success_message"] .= "<li>Đã gửi thành công.</li>";
			  
			  unset($_POST);
		  }
	  }

  }

}



function send_mail(){
	
   global $db,$CONFIG;	
   	
   if($_POST){
		
		$email 	 = strip_tags($_POST["email"]);
		$subject = strip_tags($_POST["subject"]);
		$content = $_POST["content"];
		
		if(empty($email)||!valid_email($email)){
		   
			 $CONFIG["error_message"] = "<li>Email không đúng.</li>";
		   
		}
		
		if(empty($subject)){
		   
			 $CONFIG["error_message"] .= "<li>Bạn chưa nhập chủ đề.</li>";
		   
		}
		
		if(empty($content)){
		   
			 $CONFIG["error_message"] .= "<li>Bạn chưa nhập nội dung.</li>";
		   
		}
		
		if(empty($CONFIG["error_message"])){
		    
			$smtp=$db->query_first("SELECT * FROM smtp WHERE 1 ORDER BY RAND() LIMIT 0,1");
			
			$cfg['smtp_host']=$smtp['host'];
			$cfg['smtp_user']=$smtp['user'];
			$cfg['smtp_pass']=$smtp['pass'];

			$mail = new PHPMailer();
			$mail->IsSMTP();
			$mail->SetLanguage("vn", "");
			$mail->Host     = $cfg['smtp_host'];
			$mail->SMTPAuth = true;
			$mail->Username = $cfg['smtp_user'];
			$mail->Password = $cfg['smtp_pass'];
			$mail->From     = $CONFIG["sender_email"];
			$mail->FromName = $CONFIG["name_sender_email"];
			$mail->AddAddress("$email","$email");
			$mail->AddReplyTo($CONFIG["sender_email"],$CONFIG["name_sender_email"]);
			$mail->IsHTML(true);
			$mail->Subject  =  $subject;		
			
			$mail->Body		=  $content;
			if($mail->Send()){
			
				 $CONFIG["success_message"] = "<li>Gửi thư thành công.</li>";
				 
				 $db->query("UPDATE smtp SET `count`=`count`+1 WHERE id=".$smtp['id']);
				 
				 unset($_POST);
				
			}else{
				$CONFIG["error_message"] = "<li>Gửi thư không thành công!</li>";
			}
		}
	}
}
?>